diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-06-05 13:45:10 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2016-06-05 13:45:10 +0000 |
| commit | c4fd1750f703a7649f0b3b52b25cf32fa532b5b3 (patch) | |
| tree | f94e5de3b00a6eb8c2b6741f847c2bb8d75625f7 /test/functional/issues_controller_test.rb | |
| parent | a23450fe08f367a1d4a03e937c3f8e90f83383fe (diff) | |
| download | redmine-c4fd1750f703a7649f0b3b52b25cf32fa532b5b3.tar.gz redmine-c4fd1750f703a7649f0b3b52b25cf32fa532b5b3.zip | |
Adds permission to edit and delete issues by role/tracker (#285).
git-svn-id: http://svn.redmine.org/redmine/trunk@15466 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/functional/issues_controller_test.rb')
| -rw-r--r-- | test/functional/issues_controller_test.rb | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/test/functional/issues_controller_test.rb b/test/functional/issues_controller_test.rb index 8888cf712..dc50d1331 100644 --- a/test/functional/issues_controller_test.rb +++ b/test/functional/issues_controller_test.rb @@ -3872,6 +3872,30 @@ class IssuesControllerTest < ActionController::TestCase assert_redirected_to '/issues/11?issue_count=3&issue_position=2&next_issue_id=12&prev_issue_id=8' end + def test_update_with_permission_on_tracker_should_be_allowed + role = Role.find(1) + role.set_permission_trackers :edit_issues, [1] + role.save! + issue = Issue.generate!(:project_id => 1, :tracker_id => 1, :subject => 'Original subject') + + @request.session[:user_id] = 2 + put :update, :id => issue.id, :issue => {:subject => 'Changed subject'} + assert_response 302 + assert_equal 'Changed subject', issue.reload.subject + end + + def test_update_without_permission_on_tracker_should_be_denied + role = Role.find(1) + role.set_permission_trackers :edit_issues, [1] + role.save! + issue = Issue.generate!(:project_id => 1, :tracker_id => 2, :subject => 'Original subject') + + @request.session[:user_id] = 2 + put :update, :id => issue.id, :issue => {:subject => 'Changed subject'} + assert_response 302 + assert_equal 'Original subject', issue.reload.subject + end + def test_get_bulk_edit @request.session[:user_id] = 2 get :bulk_edit, :ids => [1, 3] @@ -4702,6 +4726,32 @@ class IssuesControllerTest < ActionController::TestCase assert_response 404 end + def test_destroy_with_permission_on_tracker_should_be_allowed + role = Role.find(1) + role.set_permission_trackers :delete_issues, [1] + role.save! + issue = Issue.generate!(:project_id => 1, :tracker_id => 1) + + @request.session[:user_id] = 2 + assert_difference 'Issue.count', -1 do + delete :destroy, :id => issue.id + end + assert_response 302 + end + + def test_destroy_without_permission_on_tracker_should_be_denied + role = Role.find(1) + role.set_permission_trackers :delete_issues, [2] + role.save! + issue = Issue.generate!(:project_id => 1, :tracker_id => 1) + + @request.session[:user_id] = 2 + assert_no_difference 'Issue.count' do + delete :destroy, :id => issue.id + end + assert_response 403 + end + def test_default_search_scope get :index |